View PDF HTML (experimental)

Abstract:This paper proposes a hardware-aware intrusion detection system (IDS) for Internet of Things (IoT) and Industrial IoT (IIoT) networks; it targets scenarios where classification is essential for fast, privacy-preserving, and resource-efficient threat detection. The goal is to optimize both tree-based machine learning (ML) models and compact deep neural networks (DNNs) within strict edge-device constraints. This allows for a fair comparison and reveals trade-offs between model families. We apply constrained grid search for tree-based classifiers and hardware-aware neural architecture search (HW-NAS) for 1D convolutional neural networks (1D-CNNs). Evaluation on the Edge-IIoTset benchmark shows that selected models meet tight flash, RAM, and compute limits: LightGBM achieves 95.3% accuracy using 75 KB flash and 1.2 K operations, while the HW-NAS-optimized CNN reaches 97.2% with 190 KB flash and 840 K floating-point operations (FLOPs). We deploy the full pipeline on a Raspberry Pi 3 B Plus, confirming that tree-based models operate within 30 ms and that CNNs remain suitable when accuracy outweighs latency. These results highlight the practicality of hardware-constrained model design for real-time IDS at the edge.

Submission history

From: Adel Chehade [view email] [v1] Mon, 1 Dec 2025 23:36:03 UTC (27 KB)